diff options
-rw-r--r-- | etc/file.profile | 2 | ||||
-rw-r--r-- | etc/git.profile | 2 | ||||
-rw-r--r-- | etc/gzip.profile | 2 | ||||
-rw-r--r-- | etc/strings.profile | 2 | ||||
-rw-r--r-- | etc/tar.profile | 2 | ||||
-rw-r--r-- | etc/unrar.profile | 2 | ||||
-rw-r--r-- | etc/unzip.profile | 2 | ||||
-rw-r--r-- | etc/uudeview.profile | 2 | ||||
-rw-r--r-- | etc/xzdec.profile | 2 | ||||
-rw-r--r-- | src/firejail/run_symlink.c | 2 |
10 files changed, 9 insertions, 11 deletions
diff --git a/etc/file.profile b/etc/file.profile index f709e7f0c..d145fe12a 100644 --- a/etc/file.profile +++ b/etc/file.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # file profile | 1 | # file profile |
2 | quiet | ||
2 | include /etc/firejail/disable-common.inc | 3 | include /etc/firejail/disable-common.inc |
3 | include /etc/firejail/disable-programs.inc | 4 | include /etc/firejail/disable-programs.inc |
4 | include /etc/firejail/disable-passwdmgr.inc | 5 | include /etc/firejail/disable-passwdmgr.inc |
@@ -16,7 +17,6 @@ protocol unix | |||
16 | seccomp | 17 | seccomp |
17 | shell none | 18 | shell none |
18 | tracelog | 19 | tracelog |
19 | quiet | ||
20 | x11 none | 20 | x11 none |
21 | 21 | ||
22 | blacklist /tmp/.X11-unix | 22 | blacklist /tmp/.X11-unix |
diff --git a/etc/git.profile b/etc/git.profile index edb59ce13..d60e58c03 100644 --- a/etc/git.profile +++ b/etc/git.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # git profile | 1 | # git profile |
2 | quiet | ||
2 | noblacklist ~/.gitconfig | 3 | noblacklist ~/.gitconfig |
3 | noblacklist ~/.ssh | 4 | noblacklist ~/.ssh |
4 | noblacklist ~/.gnupg | 5 | noblacklist ~/.gnupg |
@@ -19,7 +20,6 @@ nonewprivs | |||
19 | noroot | 20 | noroot |
20 | nosound | 21 | nosound |
21 | protocol unix,inet,inet6 | 22 | protocol unix,inet,inet6 |
22 | quiet | ||
23 | seccomp | 23 | seccomp |
24 | shell none | 24 | shell none |
25 | 25 | ||
diff --git a/etc/gzip.profile b/etc/gzip.profile index d51b9a951..feb27c150 100644 --- a/etc/gzip.profile +++ b/etc/gzip.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # gzip profile | 1 | # gzip profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -7,7 +8,6 @@ blacklist /tmp/.X11-unix | |||
7 | net none | 8 | net none |
8 | no3d | 9 | no3d |
9 | nosound | 10 | nosound |
10 | quiet | ||
11 | shell none | 11 | shell none |
12 | tracelog | 12 | tracelog |
13 | 13 | ||
diff --git a/etc/strings.profile b/etc/strings.profile index 7c464bf88..2b7724b11 100644 --- a/etc/strings.profile +++ b/etc/strings.profile | |||
@@ -1,10 +1,10 @@ | |||
1 | # strings profile | 1 | # strings profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
5 | net none | 6 | net none |
6 | nosound | 7 | nosound |
7 | quiet | ||
8 | shell none | 8 | shell none |
9 | tracelog | 9 | tracelog |
10 | 10 | ||
diff --git a/etc/tar.profile b/etc/tar.profile index 91fdaf48d..3addb02fb 100644 --- a/etc/tar.profile +++ b/etc/tar.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # tar profile | 1 | # tar profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -8,7 +9,6 @@ hostname tar | |||
8 | net none | 9 | net none |
9 | no3d | 10 | no3d |
10 | nosound | 11 | nosound |
11 | quiet | ||
12 | shell none | 12 | shell none |
13 | tracelog | 13 | tracelog |
14 | 14 | ||
diff --git a/etc/unrar.profile b/etc/unrar.profile index 0700cafe9..bde6f4e22 100644 --- a/etc/unrar.profile +++ b/etc/unrar.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # unrar profile | 1 | # unrar profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -8,7 +9,6 @@ hostname unrar | |||
8 | net none | 9 | net none |
9 | no3d | 10 | no3d |
10 | nosound | 11 | nosound |
11 | quiet | ||
12 | shell none | 12 | shell none |
13 | tracelog | 13 | tracelog |
14 | 14 | ||
diff --git a/etc/unzip.profile b/etc/unzip.profile index a43785795..8c10d11a0 100644 --- a/etc/unzip.profile +++ b/etc/unzip.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # unzip profile | 1 | # unzip profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | blacklist /tmp/.X11-unix | 5 | blacklist /tmp/.X11-unix |
@@ -7,7 +8,6 @@ hostname unzip | |||
7 | net none | 8 | net none |
8 | no3d | 9 | no3d |
9 | nosound | 10 | nosound |
10 | quiet | ||
11 | shell none | 11 | shell none |
12 | tracelog | 12 | tracelog |
13 | 13 | ||
diff --git a/etc/uudeview.profile b/etc/uudeview.profile index 5ba0896ab..d5b750a13 100644 --- a/etc/uudeview.profile +++ b/etc/uudeview.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # uudeview profile | 1 | # uudeview profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -7,7 +8,6 @@ blacklist /etc | |||
7 | hostname uudeview | 8 | hostname uudeview |
8 | net none | 9 | net none |
9 | nosound | 10 | nosound |
10 | quiet | ||
11 | shell none | 11 | shell none |
12 | tracelog | 12 | tracelog |
13 | 13 | ||
diff --git a/etc/xzdec.profile b/etc/xzdec.profile index 04f98cef6..6164e3200 100644 --- a/etc/xzdec.profile +++ b/etc/xzdec.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # xzdec profile | 1 | # xzdec profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -7,7 +8,6 @@ blacklist /tmp/.X11-unix | |||
7 | net none | 8 | net none |
8 | no3d | 9 | no3d |
9 | nosound | 10 | nosound |
10 | quiet | ||
11 | shell none | 11 | shell none |
12 | tracelog | 12 | tracelog |
13 | 13 | ||
diff --git a/src/firejail/run_symlink.c b/src/firejail/run_symlink.c index a4dce405d..753c50208 100644 --- a/src/firejail/run_symlink.c +++ b/src/firejail/run_symlink.c | |||
@@ -90,8 +90,6 @@ void run_symlink(int argc, char **argv) { | |||
90 | if (asprintf(&firejail, "%s/bin/firejail", PREFIX) == -1) | 90 | if (asprintf(&firejail, "%s/bin/firejail", PREFIX) == -1) |
91 | errExit("asprintf"); | 91 | errExit("asprintf"); |
92 | 92 | ||
93 | printf("Redirecting symlink to %s\n", program); | ||
94 | |||
95 | // drop privileges | 93 | // drop privileges |
96 | if (setgid(getgid()) < 0) | 94 | if (setgid(getgid()) < 0) |
97 | errExit("setgid/getgid"); | 95 | errExit("setgid/getgid"); |